Release Notes Version 3.5.x
Version 3.5.7 (released 2021-03-30)
- Fixed an issue where strong auth username could be reset from LDAP if not set.
- Permit larger (2GB+) FTPdir Quotas.
- Stronger relay settings for Emaildrops.
- Added route interface validation.
- Force Sms Auth Config to begin with http/https
- Remove old temporary directories as well as files.
- Fixed an issue where some systems had incorrect external group configuration, causing them to require licenses.
- Display the Strong Auth inherit correct in the Admin → Users list view.
Version 3.5.6 (released 2021-03-19)
- Better license description in the daily email.
- Better description of the System Administrator fallback password requirement.
- Fixed a problem where FTP quotas wasn't enforced.
- Updated HTML editor (menus work as expected now).
- Create favicon.png if favicon.ico exists - v3.5 uses favicon.png as favicon.
- Fixed an issue moving files and folders.
- Fixed an issue reporting files to large if trying to upload a file larger than the limit.
- Only show autosend option if it's available.
- Added option to remove ftp brute force blocking.
- Treat zip downloads some as non-zip downloads when calculating downloads when owner downloads their own files.
Version 3.5.5 (released 2021-03-05)
- Fixed an issue where uploading a folder of files to a share wasn't working.
- Fixed an issue where the auto-send when uploaded on the Compose Message page wasn't working.
Version 3.5.4 (released 2021-03-04)
- Fixed an issue updating branding on non-default domains.
- Fixed an issue where the original sender was listed in the email when replying to a private message instead of the user replying.
- Added description, revision and quota when viewing a share using the API.
- Fixed an issue where the valid recipients wasn't working properly when the setting only permit to send to existing users was enabled.
- Added SMS auth timeout.
- Show blocked extensions on the message compose page when selected.
- Domain Admins couldn't access some pages they should be able to.
- Fixed an issue searching LDAP groups that would incorrectly report an SSL error.
- Accept Cookies wasn't saved properly.
Version 3.5.3 (released 2021-02-22)
- Fixed an issue where uploading large files using User Filedrops with email addresses didn't work properly.
- Fixed a text parsing issue where for instance LDAP group names with spaces wouldn't be saved correctly.
- Fixed an issue where downloading html files would trigger two download actions so expires_after limitations would be incorrect.
- Updated the update page to make it clearer.
- Fixed an issue where /login wasn't accessible.
- Fixed an issue where some FileLink attributes wasn't updatable.
Version 3.5.2 (released 2021-02-18)
- Fixed an issue where FileLinks could select multiple files (only the first one got used).
- Fixed an issue with the daily status email that sometimes wouldn't get sent.
- Tightened the Content-Security-Policy for the image policy.
Version 3.5.1 (released 2021-02-16)
- Remove Temporary User entries for an email if a user with that email is created.
- Fixed an issue with branding uploading transparent PNGs that didn't retain their transparency.
- Added attachment download URL to the messages API.
- Fixed an issue where it wasn't possible to change Admin domain for multi-domain setups.
- Don't BCC previous recipients when replying.
- Added function to generate SHA-256 fingerprint for SAML certificates.
- Fixed an issue where some log messages wasn't written to the database.
- Added FTP/SFTP Max Login Attempt configuration and changed the brute force blocking to a connection rate limiter.
- Fixed an issue where Two-Factor authentication network override sometime wasn't working.
- Updated version of Ruby on Rails.
Version 3.5.0 (released 2021-02-04)
- Version 3.5.0, please see the major change list below to see what's changed since v3.4.x.
Major changes from version 3.4 to version 3.5
In general, LiquidFiles v3.5 has focused on improving existing features and adding a few things that really should have been in the product a while but for various reasons haven't been added until now.
- Support for Upload Resume. If an upload is interrupted, using an updated upload mechanism, uploads will now resume from the last completed 100MB chunk.
- Session Timeouts — defaulting to 60 minutes.
- Accept Cookie Alert. You can now enable to show an alert that cookies will be used when accessing LiquidFiles.
- Rearchitected the Branding configuration making it much easier to add logos and update things like the menubar, email footers and favicons.
- Temporary Users — replacing Access Passes from v3.4.
- Strong Authentication Exclude Networks — if you want to enable Strong Authentication and not require it from the local corporate network.
- Remember Strong Authentication — so that users only have to enter strong authentication every 2 weeks.
- Require SAML — you can now require a group of users authenticating using SAML.
- Redirect user to the SAML server if they don't exist but their email domain matches the match email domain attribute for a group that requires SAML authentication.
- LDAP Lookup Only. Since SAML is not a direct replacement for LDAP you can now do user lookups via LDAP and not use LDAP for authentication.
- SAML group match. If your SAML server sends the memberOf SAML attribute, you can now match groups of users using this attribute to automatically assign users to groups using SAML.
- SAML attributes updates existing account information.
- Sysadmins are now required to have a local fallback password. If you have sysadmins that authenticate using LDAP and the LDAP authentication fails, a sysadmin can authenticate using their local fallback password and update the LDAP settings as required.
- When resetting a password, all other user sessions for that user id will be invalidated.
- Updated the Admin → System → License Page, making it easier to replace license keys.
- Added Ldap attributes for phone number and strong auth username.
- Added SAML2 Azure configuration setting.
- Restrict Emaildrops to only use the systems Public Hostname as email recipient domain.
- Make Reply (as opposed to Reply-All) the default Message Reply function.
- Fixed a security issue where a custom crafted locale file could access system resources.
- Lots of internal fixes and improvements.
- Updated Ruby, Nginx, PostgreSQL and other depencies and libraries to later versions.